Rolls Royce, a British engineering company renowned for its production of luxury cars, aircraft engines, and other advanced technological solutions, seems to have become the latest victim of a cyber attack.
A threat actor group known as Network-worker Alliance has claimed an attack on Rolls-Royce SMR, adding the company to the victim list.
The Rolls-Royce SMR, or UK SMR, is an ongoing project by Rolls-Royce in the United Kingdom aimed at developing a small modular reactor.
While the Rolls Royce cyber attack has not been confirmed by the British company, researchers reported facing issues while trying to access the official website of the company.
Rolls Royce cyber attack
The Cyber Express emailed Rolls-Royce asking about the claims. We will update this report based on its reply. The website was not accessible at the time of writing after the alleged Rolls Royce cyber attack.
Threat Intelligence Service Falcon Feeds tweeted the above screenshot of the website after the Rolls Royce SMR cyber attack. The tweet mentioned that the website was currently having issues.
Rolls-Royce Limited is a British luxury car and later an aero-engine manufacturing business established by the partnership of Charles Rolls and Henry Royce. Rolls Royce SMR small modular reactor developed by Rolls-Royce UK.
The website showed the Error code 525 on 30 July.
“Error 525 indicates that the SSL handshake between Cloudflare and the origin web server failed,” stated a report.
The report further explained that this error message showed when the domain was using Cloudflare Full or Full (Strict) SSL mode and there was likely a configuration problem in the affected web server.
Such errors would typically show an ‘Error 525: SSL handshake failed.
Transport Layer Security (TLS) and Secure Sockets Layer (SSL) handshake authenticate data transfers between servers and systems including browsers. SSL certificates secure websites using HTTPS and SSL handshakes are part of HTTPS connections.
Receiving an Error 525 message on a website could indicate that there were problems with establishing a secure connection. It is also caused if a third-party intercepts a connection.
UK cyber attacks on the rise
According to reports, the U.K. suffered more cyber attacks than any other European country with the energy sector being the most targeted. The report speculated that the cause of this could be underspending for cybersecurity.
Of all the cyber attacks in the past year in Europe, the cyber attacks on the UK accounted for 43% of attacks.
The energy and finance sector suffered the highest number of cyber attacks. Both, the energy and finance sectors suffered 16% of attacks each.
According to the UK government cybersecurity breach survey published in April, 32% of businesses and 24% of charities overall recall any breaches or attacks from the last 12 months.
“This is much higher for medium businesses (59%), large businesses (69%) and high-income charities with £500,000 or more in annual income (56%),” said the report.
Global cyber attacks landscape
An increase has been noticed during and after the pandemic due to the changing work scenario and remote working.
The COVID-19 pandemic resulted in increasing the cyber attack rate to 600% which forced companies globally to adapt to the cybersecurity tools and guidelines rather quickly.
Moreover, the cost of cybercrime is fast growing and expected to move over $10.15 trillion annually by 2025 from $3 trillion in 2015, globally. It also highlights the focus of economic wealth being drawn towards cybersecurity spending.
An increased number of cyber attacks on small to medium-sized businesses was noticed with 43% of attacks targeted against small businesses. However, 14% of the organizations were found to be prepared with adequate cybersecurity to prevent cyber attacks.
Around 45% of businesses felt that their processes were ineffective against threats. Phishing was the biggest type of attack mechanism on small businesses accounting for 57%. Stolen credentials accounted for 30% of cyber attacks.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.